This Week in Security News: DevOps Implementation Concerns and Malware Variants

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 23 Aug 2019 14:01:24 +0000

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how most respondents to a Trend Micro survey shared their concern for the risks in implementing DevOps. Also, read on about how Trend Micro uncovered a MyKings variant that had been hiding for roughly two years before it was discovered.

 

Read on:

How Do Threats Align with Detection and Solutions?

There are many different threats targeting many different areas of a corporate network. I built an interactive graphic to help others understand the full ecosystem of how security works across your network, how to detect threats and ultimately what solutions can be utilized in the different areas of networks to protect themselves and their systems and data.

XDR Is the Best Remedy as Attackers Increasingly Seek to Evade EDR

Greg Young, vice president of cybersecurity at Trend Micro, discusses how many enterprises don’t effectively manage their endpoints and how Trend Micro’s XDR solution is a more effective solution for endpoint management and dealing with evasive threats.

Nest Enrages Users by Removing Option to Disable Camera Status LEDs

Google just made good on one of the promises it made at I/O 2019 — it’s removing the option to disable camera status LEDs. Nest customers have responded with almost universal anger to the change. They’ll be able to dim the lights on Nest Cam, Dropcam, and Hello devices, but you won’t be allowed to turn them off while they’re recording.

The Sky Has Already Fallen (You Just Haven’t Seen the Alert Yet)

Rik Ferguson, vice president of security research at Trend Micro, discusses how the typical security operations center (SOC) of today is drowning in a volume of alerts. In the financial world, 60 percent of banks routinely deal with more than 100,000 alerts every day, with 17 percent of them reporting more than 300,000 security alerts, and this pattern is repeated across industry verticals.

Innovate or Die?

Bill Malik, vice president of infrastructure strategies at Trend Micro, discusses how a recent series of IT acquisitions and IPOs highlight a simple economic fact: companies that fail to keep up with the fast-paced innovation of technology can easily become targets for acquisition.

MoviePass Exposed Thousands of Unencrypted Customer Card Numbers

Movie ticket subscription service MoviePass has exposed tens of thousands of customer card numbers and personal credit cards because a critical server was not protected with a password. A massive, exposed database on one of the company’s many subdomains was found containing 161 million records at the time of writing and growing in real time.

The Path to Secure DevOps Initiatives: Bridging the Gap Between Security and DevOps

The growing demand for faster and more efficient software development brings DevOps to the fore, but not without disrupting the inner workings of production and security teams. In a survey commissioned by Trend Micro, majority of the respondents shared their concern for the risks in implementing DevOps.

FAKE APPS! Courtesy of Agent Smith

Early this month a new global Android malware campaign called Agent Smith was revealed to have compromised 25 million handsets across the globe including many in the U.S., serving as another reminder to users not to take mobile security for granted. Fortunately, users can make giant strides towards keeping the hackers at bay with a few easy steps.

Google Android Adware Warning Issued To 8 Million Play Store Users

Security researchers at Trend Micro have revealed that the Google Play Store hosted 85 apps ridden with adware. Worse still, these apps have netted more than 8 million downloads. The adware-ridden apps were posing as legitimate services focusing on gaming or photography. 

OVIC Finds PTV in Violation of Privacy and Data Protection Act 2014 in myki Records Disclosure

The Office of the Victorian Information Commissioner (OVIC) determined that the Public Transport Victoria (PTV) breached the Information Privacy Principle (IPP) under the Privacy and Data Protection Act 2014. The decision came after the PTV released data in 2018 that exposed more than 15 million myki cards’ “touch on” and “touch off” travel history data, which could be used to identify specific users.

BEC Scam Costing Almost US$11 Million Leads to FBI Arrest of Nigerian Businessman

The CEO of the Invictus Group of Companies, Obinwanne Okeke, has reportedly been arrested by the U.S. Federal Bureau of Investigation (FBI) after he was accused of conspiracy to commit computer and wire fraud. The FBI investigation into Okeke was initiated after a victim of a business email compromise (BEC) scam informed the FBI that it had been defrauded of nearly US$11 million.

22 Texas Towns Hit with Ransomware Attack In ‘New Front’ Of Cyberassault

State officials confirmed this week that computer systems in 22 municipalities have been infiltrated by hackers demanding a ransom. A mayor of one of those cities said the attackers are asking for $2.5 million to unlock the files. The Federal Bureau of Investigation and state cybersecurity experts are examining the ongoing breach, and officials have not disclosed which specific places are affected.

Uncovering a MyKings Variant with Bootloader Persistence via Managed Detection and Response

MyKings alone has already infected over 500,000 machines and mined an equivalent of US$2.3 million as of early 2018. The timing of the attack we recently found could indicate that it may have been part of the campaign we previously found in 2017.

Asruex Backdoor Variant Infects Word Documents and PDFs Through Old MS Office and Adobe Vulnerabilities

Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector, which inject code in Word and PDF files respectively.

They’re Attacking the Brain of Your Smart Home (or Office)

A smart device that turns your lights off when you leave or checks to see if you left any doors or windows unlocked may be convenient, but adding and connecting more smart items to your house can cause new and unexpected problems and let the bad guys in. Greg Young, Trend Micro’s vice president of cybersecurity, discusses various ways to protect smart homes from these kinds of cyber attacks.

Are you up to speed on how security works across your network, how to detect threats and what solutions can be utilized in different network areas to protect systems and data? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: DevOps Implementation Concerns and Malware Variants appeared first on .

http://feeds.trendmicro.com/TrendMicroSimplySecurity